LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

411

412

413

414

415

416

417

418

419

420

sshd account required libpam_hpsec.so.1

sshd account sufficient libpam_unix.so.1

sshd account required libpam_ldap.so.1

OTHER account required libpam_hpsec.so.1

OTHER account sufficient libpam_unix.so.1

OTHER account required libpam_ldap.so.1

# Session management

dtlogin session required libpam_hpsec.so.1

dtlogin session sufficient libpam_unix.so.1

dtlogin session required libpam_ldap.so.1

ftp session required libpam_hpsec.so.1 bypass_limit_login

bypass_umask bypass_nologin

ftp session sufficient libpam_unix.so.1

ftp session required libpam_ldap.so.1

rcomds session required libpam_hpsec.so.1 bypass_limit_login

rcomds session sufficient libpam_unix.so.1

rcomds session required libpam_ldap.so.1

sshd session required libpam_hpsec.so.1

sshd session sufficient libpam_unix.so.1

sshd session required libpam_ldap.so.1

OTHER session required libpam_hpsec.so.1

OTHER session sufficient libpam_unix.so.1

OTHER session required libpam_ldap.so.1

# Password management

passwd password required libpam_hpsec.so.1

passwd password sufficient libpam_unix.so.1

passwd password required libpam_ldap.so.1 try_first_pass

dtlogin password required libpam_hpsec.so.1

dtlogin password sufficient libpam_unix.so.1

dtlogin password required libpam_ldap.so.1 try_first_pass

sshd password required libpam_hpsec.so.1

sshd password sufficient libpam_unix.so.1

sshd password required libpam_ldap.so.1 try_first_pass

OTHER password required libpam_hpsec.so.1

OTHER password sufficient libpam_unix.so.1

OTHER password required libpam_ldap.so.1 try_first_pass

C.2.2 PAM configuration file for Windows ADS environment

In a Windows ADS environment, the autosetup script configures LDAP support by adding, for

all services of each service module type (auth, account, session, and password) defined in the

/etc/pam.conf file, the LIBPAM_KRB5 library object /usr/lib/security/

libpam_krb5.so.1 before the line that defines the PAM_UNIX module libpam_unix.so.1.

The following example shows the /etc/pam.conf file after it has been modified by autosetup.

# PAM configuration

# Notes:

# If the path to a library is not absolute, it is assumed to be

# relative to the directory /usr/lib/security/$ISA/

# For PA applications, /usr/lib/security/$ISA/libpam_unix.so.1 is a

# symbolic link that points to the corresponding PA (32 or 64-bit) PAM

# backend library.

# The $ISA (i.e. Instruction Set Architecture) token will be replaced

# by the PAM engine with an appropriate directory string.

# See pam.conf(4).

412 Samples of LDAP-UX configuration files created or modified by autosetup